1. Field of the Invention
This invention relates generally to network security and more specifically to a system and method for authenticating the identity of a remote electronic device user (or client) seeking electronic access to, or seeking to perform an electronic transaction with, a host device.
2. Description of the Related Art
Following the teachings of R. Dube in U.S. Pat. No. 7,231,044, timing signals propagating from remote RF sources such as GPS satellites are differentially delayed due to the presence of free electron content along the line of sight between the satellite and the receiver. Sources of such delays can include fluctuations in the ionosphere's total electron content, the movement of objects such as trees along the line of sight, and the presence of structures, such as wood, concrete, sheetrock, etc. All of these add, to different degrees, delays to the total propagation time of the signals through them. In general, such delays are a function of the specific frequency, and U.S. Pat. No. 7,231,044 describes the process of using differential time delays to extract random fluctuations that can then be used as the basis for creating non-algorithmic cryptographic keys.
Intervening materials are also known to contribute to the scattering of these signals, thereby reducing the strength of the signals (compared to an ideal case where no such intervening materials were present) arriving at the receiver. By correlating the degree of attenuation to the direction of propagation of the signal (usually characterized by altitude and azimuth angles of a satellite with respect to the horizon and the northerly, southerly or equatorially neutral direction), it is possible to develop a map of the attenuation “signature” around a receiver in a given location. To the degree that this signature is stable, it can be used at a later time to verify whether or not a receiver is in fact at a previously characterized location.
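The attenuation-signature idea described above can be sketched as follows. This is an added example, not code from the cited patents: the sky-bin sizes, the tolerance, the minimum-overlap rule, the function names and the sample readings are all assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean

AZ_BIN_DEG = 30   # assumed azimuth bin width
EL_BIN_DEG = 15   # assumed altitude (elevation) bin width

def sky_bin(az_deg, el_deg):
    """Map a satellite direction to a coarse (azimuth, altitude) cell."""
    return (int(az_deg % 360) // AZ_BIN_DEG, min(int(el_deg), 89) // EL_BIN_DEG)

def build_signature(observations):
    """observations: (azimuth_deg, altitude_deg, attenuation_db) tuples, where
    attenuation is the loss relative to an unobstructed signal (assumed input)."""
    cells = defaultdict(list)
    for az, el, att in observations:
        cells[sky_bin(az, el)].append(att)
    return {cell: mean(vals) for cell, vals in cells.items()}

def signature_distance(enrolled, observed, min_overlap=3):
    """Mean absolute attenuation difference over cells seen in both maps.
    Returns None when too little of the sky overlaps to decide."""
    shared = enrolled.keys() & observed.keys()
    if len(shared) < min_overlap:
        return None
    return mean(abs(enrolled[c] - observed[c]) for c in shared)

def same_location(enrolled, observed, tolerance_db=3.0, min_overlap=3):
    """Fail closed: insufficient overlap is treated as a mismatch."""
    d = signature_distance(enrolled, observed, min_overlap)
    return d is not None and d <= tolerance_db

# Constructed readings: heavy loss to the north, light loss to the south.
ENROLLED = build_signature([
    (10, 40, 18.0), (20, 35, 17.0), (100, 30, 9.0), (110, 40, 10.0),
    (190, 60, 3.0), (200, 65, 4.0), (280, 20, 12.0),
])
LATER_SAME_SITE = build_signature(
    [(15, 38, 17.0), (105, 33, 10.5), (195, 62, 4.0), (330, 70, 6.0)])
OTHER_SITE = build_signature(
    [(15, 38, 4.0), (105, 33, 16.0), (195, 62, 15.0)])
TOO_SPARSE = build_signature([(15, 38, 17.0), (105, 33, 10.5)])

if __name__ == "__main__":
    for name, sig in [("same site", LATER_SAME_SITE),
                      ("other site", OTHER_SITE), ("sparse", TOO_SPARSE)]:
        print(name, signature_distance(ENROLLED, sig), same_location(ENROLLED, sig))
```

Because satellites move, a later measurement rarely covers the same sky cells as the enrolled map, which is why the comparison uses only shared cells and rejects when too few overlap.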
Moreover, Dube in U.S. Pat. No. 7,177,426 further teaches a means to employ location characterization and random numbers measured in real time to secure files based on location. The system can employ a challenge/response process between a client and server that further raises the difficulty in defeating such a system by employing dynamic random numbers whose values change and are updated on both client and server upon successful authentication of a user.
Very large office buildings, buildings within a large metropolitan area that has many high-rise buildings, and inner or underground locations can severely limit or even eliminate the presence of signals at those deep locations. This makes the operation of a system employing this technology difficult or impossible.
However, Dube and R. L. Morgenstern in U.S. Pat. No. 7,551,739 teach that signals from inside an identified and/or protected space employing random numbers, such as those from R. Dube U.S. Pat. No. 7,231,044, can be used in a broadcast to detect any anomaly, such as unauthorized movement, of the monitored object when the application of the technology envisioned by U.S. Pat. No. 7,231,044 is not feasible.
Whereas U.S. Pat. No. 7,551,739 covers the broadcast of random numbers from within an identified and/or protected space (fixed or mobile) to objects nearby for the purpose of anomaly detection, there is still a need to develop a solution in which external signals can be provided to inner regions of physical structures as described, without allowing the spoofing of such signals by maliciously inclined users.